freenet-router |
Subversion Repositories: |
Compare with Previous - Blame - Download
#! /bin/bash
# Firewall nove generace pro Czela Debian 3.0
# Autor: Mirek Slugen
# Spoluatori: Michal Perlik, Michal Vondracek, Jan Chmelensky
# Vytvoreno: 06.11.2006
# Naposledy zmeneno: 17.09.2007
# Tento skript muzete volne sirit a upravovat.
# interni promenne tykajici se pouze account
ACCOUNT_DIR="/var/log/account"
ACCOUNT_COMPRESSION="yes"
# kazdych 120 ($INTERVAL) vterin bude graf ocekavat nova data
INTERVAL="120"
# MaximĂĄlnĂ doba ÄekĂĄnĂ na novĂĄ data, po pĹekroÄenĂ bude ÄasovĂ˝ Ăşsek oznaÄen unknown
INTERVAL_0="$(($INTERVAL * 2))"
# den - nechame kazdy vzorek (720*1*120) = (24*60*60)
# tyden - nechame kazdy 7. vzorek (1260*4*120) = (7*24*60*60)
# mesic - nechame kazdy 31. vzorek (2232*10*120) = (31*24*60*60)
# rok - nechame kazdy 365. vzorek (4380*60*120) = (365*24*60*60)
INTERVAL_1="1:$(((24 * 60 * 60) / ($INTERVAL * 1)))"
INTERVAL_2="7:$(((7 * 24 * 60 * 60) / ($INTERVAL * 7)))"
INTERVAL_3="31:$(((31 * 24 * 60 * 60) / ($INTERVAL * 31)))"
INTERVAL_4="365:$(((365 * 24 * 60 * 60) / ($INTERVAL * 365)))"
RO="no"
account_create_dir() {
# VytvoĹĂme adresĂĄĹovou strutkuru
mkdir -p "$ACCOUNT_DIR"
mkdir -p "$ACCOUNT_DIR/graphs"
mkdir -p "$ACCOUNT_DIR/rrd"
chown www-data:www-data -R "$ACCOUNT_DIR/graphs"
}
rrdtool_update() {
if [ "$ACCOUNT_COMPRESSION" == "yes" ]; then
cp "$ACCOUNT_DIR/rrd/$1" "/tmp/account_$1"
rrdtool update "/tmp/account_$1" -t $2 $3
mv "/tmp/account_$1" "$ACCOUNT_DIR/rrd/$1"
else
rrdtool update "$ACCOUNT_DIR/rrd/$1" -t $2 $3
fi
}
# implementace pocitani dat
account_start() {
account_stop
[ "$INTERNAL_IP" != "" ] && $IPTABLES -I FORWARD -j ACCOUNT --addr $INTERNAL_IP --tname account
[ "$EXTERNAL_IP" != "" ] && $IPTABLES -I FORWARD -j ACCOUNT --addr $EXTERNAL_IP --tname account_ext
#if [ "`$IPTABLES -L FORWARD | grep eth_accept`" != "" ]; then
# $IPTABLES -I eth_accept -j ACCOUNT --addr $INTERNAL_IP --tname account
#fi
}
account_stop() {
for I in `$IPTABLES -L FORWARD -n -v --line-numbers | grep ACCOUNT | awk '{print $1}' | sort -r -n`; do
$IPTABLES -D FORWARD $I
done
#for I in `$IPTABLES -L eth_accept -n -v --line-numbers | grep ACCOUNT | awk '{print $1}' | sort -r -n`; do
# $IPTABLES -D eth_accept $I
#done
}
account_restart() {
account_start
}
account_reset() {
iptaccount -f -l account &>/dev/null
iptaccount -f -l account_ext &>/dev/null
rm -f "$ACCOUNT_DIR/data.txt"
}
account_graphs_generate_ip() {
account_create_dir
# NaÄteme novĂĄ data
local DATA=`iptaccount -f -l account 2>/dev/null | grep "IP" | awk '{print $2":"$7":"$12}'`"
"`iptaccount -f -l account_ext 2>/dev/null | grep "IP" | awk '{print $2":"$7":"$12}'`
local DATA_OLD=`grep -v \# "$ACCOUNT_DIR/data.txt"`
local CTIME="`grep \# \"$ACCOUNT_DIR/data.txt\"`"
# UloĹžĂme novĂĄ data do tmp souborĹŻ, protoĹže je rychlejĹĄĂ grepovat IP adresy
# ze souboru, neĹž pomocĂ echa.
echo "$DATA" > "/tmp/account_data.txt"
echo "$DATA_OLD" > "/tmp/account_data_old.txt"
# ZachovĂĄvĂĄme datum vytvoĹenĂ
if [ "$CTIME" == "" ]; then
DATA_I="# vytvoreno `date +%H:%M\" \"%d.%m.%Y`
"
else
DATA_I="$CTIME
"
fi
# zpracujeme data pro nove adresy
for I in $DATA; do
# rychlejsi zpusob ziskani dat
IFS=$' :\t\n'
I=( $I )
IFS=$' \t\n'
# zpracovavana IP adresa, aktualni upload a download
IP=${I[0]}
DOWNLOAD=${I[1]}
UPLOAD=${I[2]}
# Nebudeme uklĂĄdat IP adresy, kterĂŠ majĂ nulovĂ˝ upload, nebo download,
# protoĹže jde vÄtĹĄinou jen o skenovĂĄnĂ sĂtÄ, teoreticky by bylo vhodnĂŠ
# pouĹžĂt nÄjakĂ˝ limit pro druhou nenulovou hodnotu, napĹĂklad 1024 bitĹŻ
# by staÄilo aby byla IP brĂĄna jako aktivnĂ.
( [ "$DOWNLOAD" == "" ] || [ "$UPLOAD" == "" ] ) && continue
( [ "$DOWNLOAD" == "0" ] || [ "$UPLOAD" == "0" ] ) && continue
# starĂ˝ upload a download
IFS=$' :\t\n'
I_OLD=( `grep -F "$IP:" "/tmp/account_data_old.txt"` )
IFS=$' \t\n'
# souÄet downloadu a uploadu
if [ "${I[0]}" == "${I_OLD[0]}" ]; then
DOWNLOAD_NEW=$((${I_OLD[1]} + $DOWNLOAD))
UPLOAD_NEW=$((${I_OLD[2]} + $UPLOAD))
else
DOWNLOAD_NEW=$DOWNLOAD
UPLOAD_NEW=$UPLOAD
fi
# rychlost
DOWNLOAD_RATE=$(($DOWNLOAD / $INTERVAL))
UPLOAD_RATE=$(($UPLOAD / $INTERVAL))
# nechceme ukladat data casto, proto je nacteme do promenne a pak ulozime najdnou, musime odradkovat!
DATA_I=$DATA_I"$IP:$DOWNLOAD_NEW:$UPLOAD_NEW:$DOWNLOAD_RATE:$UPLOAD_RATE
"
# vytvorime rrd soubor
[ ! -e "$ACCOUNT_DIR/rrd/host-$IP.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/host-$IP.rrd" \
--step $INTERVAL \
DS:in:GAUGE:$INTERVAL_0:0:U \
DS:out:GAUGE:$INTERVAL_0:0:U \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
# Do promÄnnĂŠ in a out se uloŞà data, bude pouĹžit model GAUGE, kaĹždĂĄ
# hodnota odpovĂda pĹesnÄ reĂĄlnĂŠ hodnotÄ, nenĂ pĹĂrustkovĂĄ.
# MinimĂĄlnĂ hodnota je 0, maximĂĄlnĂ je unlimited (U).
rrdtool_update "host-$IP.rrd" in:out N:$UPLOAD_RATE:$DOWNLOAD_RATE
done
# MusĂme uloĹžit aktuĂĄlnĂ data z aktivnĂch ip, abychom pĹi nĂĄslednĂŠm prohledĂĄvĂĄnĂ
# brali v potaz jen jiĹž uloĹženĂŠ ip adresy.
echo "$DATA_I" > "/tmp/account_data.txt"
# zpracujeme data i pro stare adresy, toto ma obrovsky vliv na vykon
for I in $DATA_OLD; do
IFS=$' :\t\n'
I=( $I )
IFS=$' \t\n'
IP=${I[0]}
DOWNLOAD=${I[1]}
UPLOAD=${I[2]}
# Nebudeme uklĂĄdat IP adresy, kterĂŠ majĂ nulovĂ˝ upload, nebo download,
# protoĹže jde vÄtĹĄinou jen o skenovĂĄnĂ sĂtÄ!
( [ "$DOWNLOAD" == "" ] || [ "$UPLOAD" == "" ] ) && continue
( [ "$DOWNLOAD" == "0" ] || [ "$UPLOAD" == "0" ] ) && continue
# PokaĹždĂŠ grepovat v souboru je opravdu velmi nevhodnĂŠ, ale rychlejĹĄĂ
# neĹž echo celĂŠ promÄnnĂŠ data.
[ "`grep -F \"$IP:\" \"/tmp/account_data.txt\"`" != "" ] && continue
# UloĹžĂme data
DATA_I=$DATA_I"$IP:$DOWNLOAD:$UPLOAD:0:0
"
# OtĂĄzka je jestli vĹŻbec mĂĄ cenu aktualizovat data pro neaktivnĂ ip adresy
# mĹŻĹže to mĂt nepĹĂznivĂ˝ vliv na vĂ˝kon pĹi vÄtĹĄĂm poÄtu klientĹŻ a jedinĂŠ co nĂĄm to dĂĄvĂĄ
# je lepĹĄĂ pĹesnost v grafec, mĂsto Ăşdaje Na bude 0 hodnota.
# Pokud monitorujete velkĂŠ mnoĹžstĂ adres, pak nĂĄsledujĂcĂ ĹĂĄdky radÄji zakomentujte.
[ "$ACCOUNT_GRAPHS_IP_EX" != "yes" ] && continue
# vytvorime rrd soubor
[ ! -e "$ACCOUNT_DIR/rrd/host-$IP.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/host-$IP.rrd" \
--step $INTERVAL \
DS:in:GAUGE:$INTERVAL_0:0:U \
DS:out:GAUGE:$INTERVAL_0:0:U \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
rrdtool_update "host-$IP.rrd" in:out N:0:0
done
# ZapĂĹĄeme novĂĄ data najednou
echo "$DATA_I" > "$ACCOUNT_DIR/data.txt"
# SmaĹžeme tmp soubory
rm -f "/tmp/account_data.txt"
rm -f "/tmp/account_data_old.txt"
}
account_graphs_generate_system() {
account_create_dir
# pouĹžĂvanĂĄ promÄnnĂĄ, do kterĂŠ uklĂĄdĂĄme zĂskanĂŠ informace
local DATA=""
# zĂĄtÄĹž procesoru
local CPU_DATA=`cat /proc/stat`
local CPU_DATA_OLD=`cat $ACCOUNT_DIR/cpu_load_data.txt 2>/dev/null`
echo "$CPU_DATA" > "$ACCOUNT_DIR/cpu_load_data.txt"
local CPU_LOAD=""
if [ "$CPU_DATA_OLD" != "" ]; then
IFS=$'\t\n'
for I in $CPU_DATA; do
IFS=$' \t\n'
I=( $I )
[ "${I[0]:0:3}" != "cpu" ] && continue
IFS=$'\t\n'
for J in $CPU_DATA_OLD; do
IFS=$' \t\n'
J=( $J )
[ "${I[0]}" != "${J[0]}" ] && continue
# naĹĄli jsme odpovĂdajĂcĂ pĹedchozĂ data
TIME=$((${I[1]} + ${I[2]} + ${I[3]} + ${I[4]} + ${I[5]} + ${I[6]} + ${I[7]} - ${J[1]} - ${J[2]} - ${J[3]} - ${J[4]} - ${J[5]} - ${J[6]} - ${J[7]}))
LOAD=$((100 - ((100 * (${I[4]} - ${J[4]})) / $TIME)))
LOAD_USER=$(((100 * (${I[1]} - ${J[1]})) / $TIME))
LOAD_USER_NICE=$(((100 * (${I[2]} - ${J[2]})) / $TIME))
LOAD_SYSTEM=$(((100 * (${I[3]} - ${J[3]})) / $TIME))
LOAD_IOWAIT=$(((100 * (${I[5]} - ${J[5]})) / $TIME))
LOAD_HARDIRQ=$(((100 * (${I[6]} - ${J[6]})) / $TIME))
LOAD_SOFTIRQ=$(((100 * (${I[7]} - ${J[7]})) / $TIME))
break
done
CPU_LOAD=$CPU_LOAD"${I[0]} $LOAD
"
DATA=$DATA"${I[0]}_load $LOAD
${I[0]}_load_user $LOAD_USER
${I[0]}_load_user_nice $LOAD_USER_NICE
${I[0]}_load_system $LOAD_SYSTEM
${I[0]}_load_iowait $LOAD_IOWAIT
${I[0]}_load_hardirq $LOAD_HARDIRQ
${I[0]}_load_softirq $LOAD_SOFTIRQ
"
done
IFS=$' \t\n'
else
# Pro tvorbu grafu musĂme zĂskat alespoĹ poÄet procesorĹŻ, jinak
# bychom pĹi prvnĂm naÄtenĂ vytvoĹili chybnĂ˝ soubor.
for I in $CPU_DATA; do
IFS=$' \t\n'
I=( $I )
[ "${I[0]:0:3}" != "cpu" ] && continue
CPU_LOAD=$CPU_LOAD"${I[0]} 0
"
DATA=$DATA"${I[0]}_load 0
${I[0]}_load_user 0
${I[0]}_load_user_nice 0
${I[0]}_load_system 0
${I[0]}_load_iowait 0
${I[0]}_load_hardirq 0
${I[0]}_load_softirq 0
"
done
fi
echo "$CPU_LOAD" > "$ACCOUNT_DIR/cpu_load.txt"
# vyuĹžitĂ RAM
IFS=$' \t\n'
local MEM_DATA=( `awk '{print $2}' /proc/meminfo` )
DATA=$DATA"mem_total ${MEM_DATA[0]}
mem_used $(((${MEM_DATA[0]} - ${MEM_DATA[1]}) * 1024))
mem_buffers $((${MEM_DATA[2]} * 1024))
mem_cached $((${MEM_DATA[3]} * 1024))
mem_active $((${MEM_DATA[5]} * 1024))
mem_inact $((${MEM_DATA[6]} * 1024))
mem_mapped $((${MEM_DATA[16]} * 1024))
mem_slab $((${MEM_DATA[17]} * 1024))
swap_total $((${MEM_DATA[11]} * 1024))
swap_used $(((${MEM_DATA[11]} - ${MEM_DATA[12]}) * 1024))
"
# obsazenĂ rootfs, tmpfs a tmpfs_small
local FS_DATA=`df / /var/tmpfs /var/tmpfs/small 2>/dev/null`
IFS=$'\t\n'
for I in $FS_DATA; do
IFS=$' \t\n'
I=( $I )
if [ "${I[5]}" == "/" ]; then
ROOT_TOTAL=$((${I[1]} * 1024))
ROOT_USED=$((${I[2]} * 1024))
elif [ "${I[5]}" == "/var/tmpfs" ]; then
TMPFS_TOTAL=$((${I[1]} * 1024))
TMPFS_USED=$((${I[2]} * 1024))
elif [ "${I[5]}" == "/var/tmpfs/small" ]; then
TMPFSS_TOTAL=$((${I[1]} * 1024))
TMPFSS_USED=$((${I[2]} * 1024))
fi
done
IFS=$' \t\n'
DATA=$DATA"root_total $ROOT_TOTAL
root_used $ROOT_USED
tmpfs_total $TMPFS_TOTAL
tmpfs_used $TMPFS_USED
tmpfss_total $TMPFSS_TOTAL
tmpfss_used $TMPFSS_USED
"
# PoÄet aktivnĂ poÄĂtaÄĹŻ na zĂĄkladÄ conntrack, bohuĹžel sloĹžitĂŠ matchovĂĄnĂ na zĂĄkladÄ
# danĂŠho internĂho rozsahu by bylo nepĹimÄĹenÄ pomalĂŠ, proto sprĂĄvnÄ matchuje pouze
# rozsahy: 0.0.0.0/0, X.0.0.0/8, X.X.0.0/16 a X.X.X.0/24
IFS=$'/.\t\n'
local INTERNAL_IP=( $INTERNAL_IP )
IFS=$' \t\n'
[ "${INTERNAL_IP[0]}" != "0" ] && POM_IP="${INTERNAL_IP[0]}."
[ "${INTERNAL_IP[1]}" != "0" ] && POM_IP="$POM_IP${INTERNAL_IP[1]}."
[ "${INTERNAL_IP[2]}" != "0" ] && POM_IP="$POM_IP${INTERNAL_IP[2]}."
[ "${INTERNAL_IP[3]}" != "0" ] && POM_IP="$POM_IP${INTERNAL_IP[3]}"
local ACTIVE_IPS=`awk '{print $5}' /proc/net/ip_conntrack | cut -d= -f2 | grep -F $POM_IP | sort -u | wc -l`
DATA=$DATA"active_ips $ACTIVE_IPS
"
echo "$ACTIVE_IPS" > "$ACCOUNT_DIR/users.txt"
local CREATE_DATA=""
local UPDATE_DATA1=""
local UPDATE_DATA2=""
IFS=$'\t\n'
for I in $DATA; do
IFS=$' \t\n'
I=( $I )
CREATE_DATA=$CREATE_DATA" DS:${I[0]}:GAUGE:$INTERVAL_0:0:U"
UPDATE_DATA1=$UPDATE_DATA1":${I[0]}"
UPDATE_DATA2=$UPDATE_DATA2":${I[1]}"
done
IFS=$' \t\n'
# SamotnĂŠ vytvoĹenĂ rrd souboru
[ ! -e "$ACCOUNT_DIR/rrd/system.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/system.rrd" \
--step $INTERVAL $CREATE_DATA \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
# aktualizujeme data
rrdtool_update "system.rrd" ${UPDATE_DATA1:1} N$UPDATE_DATA2
}
# funkce vyĹžaduje kompletnĂ pĹepsĂĄnĂ a optimalizaci
account_graphs_generate_interfaces() {
account_create_dir
# naÄteme zĂĄkladnĂ data
local DATA=`grep -F ":" /proc/net/dev | sed 's/:/ /g'`
local DATA_OLD=`cat "$ACCOUNT_DIR/interfaces.txt" 2>/dev/null`
echo "$DATA" > "$ACCOUNT_DIR/interfaces.txt"
# data pro generovĂĄnĂ celkovĂ˝ch pĹenesenĂ˝ch dat na rozhranĂ
local DATA_2=""
local DATA_2_OLD=`cat "$ACCOUNT_DIR/interfaces_data.txt" 2>/dev/null`
local TOTAL_DOWNLOAD="0"
local TOTAL_UPLOAD="0"
local TOTAL_DOWNLOAD_RATE="0"
local TOTAL_UPLOAD_RATE="0"
# Pro vytvoĹenĂ statistik potĹebujeme pĹedchozĂ data
if [ "$DATA_OLD" != "" ]; then
IFS=$'\t\n'
for I in $DATA; do
IFS=$' \t\n'
I=( $I )
[ "${I[0]:1:2}" != "th" ] && [ "${I[0]:0:4}" != "wlan" ] && continue
DOWNLOAD=${I[1]}
UPLOAD=${I[9]}
DOWNLOAD_DIFF="0"
UPLOAD_DIFF="0"
DOWNLOAD_RATE="0"
UPLOAD_RATE="0"
DOWNLOAD_TOTAL="0"
UPLOAD_TOTAL="0"
# V pĹŻvodnĂch datech najdeme rozhranĂ
IFS=$'\t\n'
for J in $DATA_OLD; do
IFS=$' \t\n'
J=( $J )
[ "${I[0]}" != "${J[0]}" ] && continue
DOWNLOAD_OLD=${J[1]}
UPLOAD_OLD=${J[9]}
# poÄĂtadla na rozhranĂ pĹetĂŠkajĂ po pĹenesenĂ 4 GB dat
if [ "$DOWNLOAD" -lt "$DOWNLOAD_OLD" ]; then
DOWNLOAD_DIFF=$(($DOWNLOAD + ( 4 * 1024 * 1024 * 1024 ) - $DOWNLOAD_OLD))
else
DOWNLOAD_DIFF=$(($DOWNLOAD - $DOWNLOAD_OLD))
fi
if [ "$UPLOAD" -lt "$UPLOAD_OLD" ]; then
UPLOAD_DIFF=$(($UPLOAD + ( 4 * 1024 * 1024 * 1024 ) - $UPLOAD_OLD))
else
UPLOAD_DIFF=$(($UPLOAD - $UPLOAD_OLD))
fi
# spoÄĂtĂĄme aktuĂĄlnĂ pĹenosovu rychlost na rozhranĂ
DOWNLOAD_RATE=$(($DOWNLOAD_DIFF / $INTERVAL))
UPLOAD_RATE=$(($UPLOAD_DIFF / $INTERVAL))
break
done
# VĂ˝poÄet staĹženĂ˝ch dat na rozhranĂ
IFS=$'\t\n'
for J in $DATA_2_OLD; do
IFS=$' \t\n'
J=( $J )
[ "${I[0]}" != "${J[0]}" ] && continue
DOWNLOAD_TOTAL=$((${J[1]} + $DOWNLOAD_DIFF))
UPLOAD_TOTAL=$((${J[2]} + $UPLOAD_DIFF))
break
done
[ "$DOWNLOAD_TOTAL" == "0" ] && DOWNLOAD_TOTAL="$DOWNLOAD"
[ "$UPLOAD_TOTAL" == "0" ] && UPLOAD_TOTAL="$UPLOAD"
DATA_2=$DATA_2"${I[0]} $DOWNLOAD_TOTAL $UPLOAD_TOTAL $DOWNLOAD_RATE $UPLOAD_RATE
"
# UloĹžĂme prĹŻtok rozhranĂm
[ ! -e "$ACCOUNT_DIR/rrd/interface-${I[0]}.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/interface-${I[0]}.rrd" \
--step $INTERVAL \
DS:in:GAUGE:$INTERVAL_0:0:U \
DS:out:GAUGE:$INTERVAL_0:0:U \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
rrdtool_update "interface-${I[0]}.rrd" in:out N:$DOWNLOAD_RATE:$UPLOAD_RATE
TOTAL_DOWNLOAD=$(($DOWNLOAD_TOTAL + $TOTAL_DOWNLOAD))
TOTAL_UPLOAD=$(($UPLOAD_TOTAL + $TOTAL_UPLOAD))
TOTAL_DOWNLOAD_RATE=$(($DOWNLOAD_RATE + $TOTAL_DOWNLOAD_RATE))
TOTAL_UPLOAD_RATE=$(($UPLOAD_RATE + $TOTAL_UPLOAD_RATE))
done
IFS=$' \t\n'
fi
DATA_2=$DATA_2"all $TOTAL_DOWNLOAD $TOTAL_UPLOAD $TOTAL_DOWNLOAD_RATE $TOTAL_UPLOAD_RATE
"
# CelkovĂĄ data protĂŠkajĂcĂ skrze router
[ ! -e "$ACCOUNT_DIR/rrd/interface-all.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/interface-all.rrd" \
--step $INTERVAL \
DS:all:GAUGE:$INTERVAL_0:0:U \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
rrdtool_update "interface-all.rrd" all N:$(($TOTAL_DOWNLOAD_RATE + $TOTAL_UPLOAD_RATE))
echo "$DATA_2" > "$ACCOUNT_DIR/interfaces_data.txt"
}
account_graphs_generate_pings() {
account_create_dir
[ ! -e "/etc/firewall/routers.conf" ] && return 0
# naÄteme data
local DATA=`grep -F "." /etc/firewall/routers.conf | awk '{print $1}'`
local DATA_OLD=`grep -v \# "$ACCOUNT_DIR/routers.txt"`
local DATA_NEW=""
# Zpracujeme data
for I in $DATA; do
[ "${I:0:1}" == "#" ] && continue
GOOD="0"
BAD="0"
IFS=$'\t\n'
for J in $DATA_OLD; do
IFS=$': \t\n'
J=( $J )
IFS=$' \t\n'
[ "$I" != "${J[0]}" ] && continue
GOOD="${J[1]}"
BAD="${J[2]}"
break
done
IFS=$'\/ \t\n'
RESPONSE=( `ping $I -c 1 -s 1024 -q -v -W 1 | grep min 2>/dev/null` )
IFS=$' \t\n'
if [ "${RESPONSE[7]}" == "" ]; then
((BAD++))
else
((GOOD++))
fi
DATA_NEW=$DATA_NEW"$I:$GOOD:$BAD
"
# VytvoĹĂme graf
[ ! -e "$ACCOUNT_DIR/rrd/ping-$I.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/ping-$I.rrd" \
--step $INTERVAL \
DS:response:GAUGE:$INTERVAL_0:0:U \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
rrdtool_update "ping-$I.rrd" response N:${RESPONSE[7]}
done
echo "$DATA_NEW" > "$ACCOUNT_DIR/routers.txt"
}
account_graphs_get_mikrotik_wifi_clients() {
account_create_dir
[ ! -e "/etc/firewall/mikrotik.conf" ] && return 0
local DATA=`grep -F "." /etc/firewall/mikrotik.conf`
local DATA_NEW=""
IFS=$'\t\n'
for I in $DATA; do
IFS=$' \t\n'
I=( $I )
[ "${I[0]:0:1}" == "#" ] && continue
DATA_NEW=$DATA_NEW"`mikrotik_get -ip=${I[0]} -name=${I[1]} -pwd=${I[2]} -cmd=\"interface wireless registration-table print\" | grep \":\" | sed 's/\r\$//'`"
done
IFS=$' \t\n'
echo "$DATA_NEW" > "$ACCOUNT_DIR/mikrotik_wifi.txt"
}
account_graphs_generate_signal() {
account_create_dir
local DATA=""
# madwifi
for I in `ls /proc/net/madwifi/ 2>/dev/null`; do
# z madwifi lze zĂskat data pĹes wlanconfig i iwlist
#iwlist $I peers
IFS=$'\t\n'
CLIENTS=`wlanconfig $I list | grep ":" | tr [:lower:] [:upper:]`
for CLIENT in $CLIENTS; do
IFS=$' \t\n'
CLIENT=( $CLIENT )
DATA=$DATA"$I ${CLIENT[0]} ${CLIENT[5]}
"
IFS=$'\t\n'
done
IFS=$' \t\n'
done
# hostap
for I in `ls /proc/net/hostap/ 2>/dev/null`; do
# hostap ukrývå vťe v proc
IFS=$'\t\n'
CLIENTS=`ls /proc/net/hostap/$I/ | grep ":"`
for CLIENT in $CLIENTS; do
IFS=$' =\t\n'
SIGNAL=( `grep "signal" /proc/net/hostap/$I/$CLIENT` )
IFS=$' \t\n'
DATA=$DATA"$I $CLIENT ${SIGNAL[5]}
"
IFS=$'\t\n'
done
IFS=$' \t\n'
done
# KlasickĂ˝ iwlist, napĹĂklad madwifi dÄlĂĄ takto bgscan, takĹže jde spĂĹĄ
# o scan, neĹžli o mÄĹenĂ signĂĄlu klientĹŻ.
#IFS=$'\t\n'
#for I in `ip link show 2>/dev/null | grep -E "wlan|ath"`; do
# IFS=$' :\t\n'
# I=( $I )
# IFS=$'\t\n'
# CLIENTS=`iwlist ${I[1]} peers | grep ":" | grep -i "signal" | tr [:lower:] [:upper:]`
# for CLIENT in $CLIENTS; do
# IFS=$' =\t\n'
# CLIENT=( $CLIENT )
# IFS=$' \t\n'
# DATA=$DATA"${I[1]} ${CLIENT[0]} ${CLIENT[6]}
#"
# IFS=$'\t\n'
# done
# IFS=$' \t\n'
#done
# Nahrajeme data takĂŠ pro mikrotik
if [ -e "$ACCOUNT_DIR/mikrotik_wifi.txt" ] && [ "$ACCOUNT_GRAPHS_MK_SIGNAL" == "yes" ]; then
CLIENTS=`grep ":" "$ACCOUNT_DIR/mikrotik_wifi.txt"`
IFS=$'\t\n'
for CLIENT in $CLIENTS; do
IFS=$' \t\n'
CLIENT=( $CLIENT )
# Mikrotik obÄas nezaĹĄle RADIO-NAME a tĂm rozhodĂ poĹadĂ
if [ "${CLIENT[3]:2:1}" == ":" ]; then
DATA=$DATA"${CLIENT[1]} ${CLIENT[3]} -${CLIENT[5]//[^0-9]/}
"
elif [ "${CLIENT[2]:2:1}" == ":" ]; then
DATA=$DATA"${CLIENT[1]} ${CLIENT[2]} -${CLIENT[4]//[^0-9]/}
"
fi
IFS=$'\t\n'
done
IFS=$' \t\n'
fi
# hromadnÄ zmÄnĂme vĹĄe na velkĂĄ pĂsmena
DATA="`echo \"$DATA\" | tr [:lower:] [:upper:]`"
IFS=$'\t\n'
for I in $DATA; do
IFS=$' \t\n'
I=( $I )
# rrdtool nesnese v nĂĄzvu soubor se vstupnĂmi daty dvojteÄky
MAC=${I[1]//:/-}
[ ! -e "$ACCOUNT_DIR/rrd/signal-$MAC.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/signal-$MAC.rrd" \
--step $INTERVAL \
DS:signal:GAUGE:$INTERVAL_0:-100:0 \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
# aktualizujeme data pro vsechny karty
rrdtool_update "signal-$MAC.rrd" signal N:${I[2]}
IFS=$'\t\n'
done
IFS=$' \t\n'
}
account_graphs_generate_drives() {
account_create_dir
# NaÄteme data, jen lokĂĄlnĂ disky, zobrazit typ a postfix zobrazenĂ
local DATA=`df -lTP`
local DATA_NEW=""
local DRIVES=""
local SIZES=""
IFS=$'\t\n'
for I in $DATA; do
IFS=$' \t\n'
I=( $I )
[ "${I[0]}" == "/dev/root" ] && I[0]="/dev/`readlink /dev/root`"
if [ "${I[0]%/*}" == "/dev" ]; then
# MusĂme pĹedejĂt bind mountĹŻm, nezpracovĂĄvĂĄme jiĹž zpracovanĂ˝ disk.
[ "`echo \"$DRIVES\" | grep -x \"${I[0]}\"`" != "" ] && continue
DRIVES=$DRIVES"${I[0]}
"
DRIVE=${I[0]##*/}
TYPE="drive"
elif [ "${I[0]}" == "tmpfs" ] || [ "${I[0]}" == "cf_main" ]; then
# MusĂme pĹedejĂt bind mountĹŻm, nezpracovĂĄvĂĄme jiĹž zpracovanĂ˝ disk.
[ "`echo \"$SIZES\" | grep -x \"${I[2]}-${I[3]}\"`" != "" ] && continue
SIZES=$SIZES"${I[2]}-${I[3]}
"
# nahradĂme vĹĄechny / pomlÄkou a odstranĂme prvnĂ pomlÄku
DRIVE=${I[6]//\//-}
DRIVE=${DRIVE:1}
TYPE="tmpfs"
else
continue
fi
TOTAL=$((${I[2]} * 1024))
USED=$((${I[3]} * 1024))
# VytvoĹĂme graf
[ ! -e "$ACCOUNT_DIR/rrd/$TYPE-$DRIVE.rrd" ] && rrdtool create "$ACCOUNT_DIR/rrd/$TYPE-$DRIVE.rrd" \
--step $INTERVAL \
DS:total:GAUGE:$INTERVAL_0:0:U \
DS:used:GAUGE:$INTERVAL_0:0:U \
RRA:AVERAGE:0.5:$INTERVAL_1 \
RRA:AVERAGE:0.5:$INTERVAL_2 \
RRA:AVERAGE:0.5:$INTERVAL_3 \
RRA:AVERAGE:0.5:$INTERVAL_4
rrdtool_update "$TYPE-$DRIVE.rrd" total:used N:$TOTAL:$USED
done
}
account_graphs_reset() {
rm -rf "$ACCOUNT_DIR/rrd/"*
rm -rf "$ACCOUNT_DIR/graphs/"*
rm -f "$ACCOUNT_DIR/cpu_load.txt"
rm -f "$ACCOUNT_DIR/cpu_load_data.txt"
rm -f "$ACCOUNT_DIR/data.txt"
rm -f "$ACCOUNT_DIR/interfaces.txt"
rm -f "$ACCOUNT_DIR/interfaces_data.txt"
rm -f "$ACCOUNT_DIR/mikrotik_wifi.txt"
rm -f "$ACCOUNT_DIR/routers.txt"
rm -f "$ACCOUNT_DIR/signals.txt"
rm -f "$ACCOUNT_DIR/users.txt"
iptaccount -f -l account &>/dev/null
iptaccount -f -l account_ext &>/dev/null
}
# automaticke spousteni generovani grafu pro webove rozhrani
if [ "$ACCOUNT_GRAPHS" == "yes" ] && [ "$ACCOUNT" == "yes" ] && [ "$FIREWALL" == "yes" ] && [ ! -e "/etc/cron.d/account_graphs" ]; then
echo -n "Creating cron file for firewall account..."
ro_test "/etc/cron.d/account_graphs"
echo "# Created by firewall script for account" > /etc/cron.d/account_graphs
echo "*/2 * * * * root /etc/init.d/firewall account_graphs_generate" >> /etc/cron.d/account_graphs
ro_exit
echo "done."
elif ( [ "$ACCOUNT" != "yes" ] || [ "$ACCOUNT_GRAPHS" != "yes" ] || [ "$FIREWALL" != "yes" ] || [ "$1" == "account_stop" ] ) && [ -e "/etc/cron.d/account_graphs" ] && [ "`basename $0`" != "account" ]; then
echo -n "Deleting cron file for firewall account..."
ro_test "/etc/cron.d/account_graphs"
rm -f "/etc/cron.d/account_graphs" 2>/dev/null
ro_exit
echo "done."
fi